What to look for in an email encryption solution
Written by John P Mello Jr on March 30, 2010
Encryption is an important component of an email system, so an encryption solution should be chosen carefully. What should be considered when evaluating an encryption protection scheme for an organization’s email system? Here are some suggestions to keep in mind.
One important consideration is whether or not a solution uses open standards. Since email is based on an open standard, there are advantages to basing any protection placed on top of it on open standards, too.
One advantage is that open standards ensure that data can be recovered in the future. If your vendor uses open standards, then you don’t have to worry about accessing your data should you decide to move to another provider in the future or should your vendor go belly up during the next recession.
Another consideration when choosing an encryption solution is mobility. Mobility is important because email must be accessible from a variety of devices, from anywhere. Wherever an organization’s workers travel, they’ll want to check their messages, and an email encryption solution needs to accommodate that without creating any hassles.
A solid encryption solution should be able to use a mobile device’s native email application. You don’t want to force your workers to learn another interface for their mobile device or leave an email program they’ve become accustomed to in order to work with encrypted messages. Making things harder for users is a surefire way to invite them to look for ways to circumvent the system. Those ways are almost always insecure and make your organization vulnerable to a raft of unsavory cyber types.
How will the new encryption solution jibe with your existing architecture? For example, do you want only outbound mail to be encrypted, or do you want mail within your organization encrypted, too? A flexible encryption solution will mesh with what you have in place. You want the encryption solution to adapt to your needs, rather than having to bend your needs to accommodate the solution.
A flexible encryption system is also important for dealing with future uncertainty. Companies grow. Today’s 500-user company is tomorrow’s 1000-user one. Your encryption system needs to be able to adjust to those kinds of changes. If it can’t, it can affect the system architecture for your entire organization down the road. It can lock you into architectural models that are inadequate to meet the new needs of your company.
For example, today you may be satisfied with an encryption solution that just handles your email. Tomorrow, you may want to expand the scope of that encryption solution to include protecting files, folders, disks and other devices. If that’s the case, then you need to ask yourself, will the encryption solution force you to alter your infrastructure to accommodate that kind of expansion? Will it require you to create a new set of encryption keys for your users? Will it involve embarking on a training program for your organization to learn the new system?
In addition, an organization has to look beyond its own walls when picking an encryption solution. Will it be interoperable with your partners or others you do business with? Just as your users won’t be happy with a solution that forces them to alter established work practices, your organization’s customers and business partners won’t be enamored with a solution that imposes burdens on their existing systems. So when evaluating solution alternatives, interoperability with a variety of encryption systems is an important feature to consider.
More and more companies are coming under regulatory scrutiny and being compelled to comply with rules, regulations and laws governing how organizations treat data, and there is growing pressure to incorporate cloud services into business operations. As a result, encryption solutions are becoming more important than ever. In some cases, encryption is required to meet legal requirements, as in Nevada, where businesses must encrypt any personal information of a customer that is electronically transmitted. In the case of the cloud, encrypting data sent there just makes good sense to ensure information can’t be snooped either in transit or wherever it’s stored in the nimbus. For those reasons, among others, choosing an email encryption solution that satisfies not only the external demands on your organization but also its internal needs, both in the present and in the future, is a decision that needs judicious consideration.


